Security Lab Precautions
Follow these guidelines to reduce the risks associated with building and
operating a hacking lab:
Avoid connecting the lab directly to the internet. Hacking lab environments
typically run vulnerable code or outdated software. While these vulnerabilities
are great for hands-on learning, they could pose risks to your network,
computer, and data if they become accessible from the internet. Instead, we
recommend working through the book when connected to local networks that
you trust or while operating offline.

Deploy the lab in a virtual environment using a hypervisor. Separating the lab
environment from your primary operating system is generally a good idea, as
it prevents conflicts that could potentially break other software on your
computer. We recommend using a virtualization tool to ensure this separation.
In the next section, you’ll install the lab in a Kali virtual machine.

Take frequent snapshots of your virtual machine. Snapshots are backups of
your virtual machine that allow you to restore it to a previous state. Lab
environments often won’t stay stable after we attack them, so take snapshots
whenever your lab is in a stable state.
With these best practices in mind, let’s get our hands dirty and get our lab up
and running!
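To check the first precaution from inside the lab VM, the following added example (not code from the book) filters `ss -H -tln` output for TCP listeners bound to anything other than loopback, which are the services other hosts on the attached network can reach. The function names and the sample socket listing are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: list TCP listeners that are reachable from outside the machine.
# Input on stdin: output of `ss -H -tln`
# (fields: State Recv-Q Send-Q Local-Address:Port Peer-Address:Port).

exposed_listeners() {
  awk '
    $1 == "LISTEN" {
      port = $4
      sub(/^.*:/, "", port)        # text after the last colon is the port
      addr = $4
      sub(/:[^:]*$/, "", addr)     # everything before it is the bind address
      # Loopback binds (127.0.0.0/8 and ::1) are only reachable locally.
      if (addr ~ /^127\./ || addr == "[::1]") next
      print addr, port
    }'
}

# Constructed sample of `ss -H -tln` output, so the example runs offline.
sample_ss_output() {
  cat <<'EOF'
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 511 0.0.0.0:8081 0.0.0.0:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 4096 [::]:21 [::]:*
LISTEN 0 128 192.168.56.10:22 0.0.0.0:*
EOF
}

# Live use inside the lab VM: ss -H -tln | exposed_listeners
sample_ss_output | exposed_listeners
```

Any line this prints is a service bound to a routable or wildcard address; whether it is reachable from the internet then depends on the network the virtual machine is attached to.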
Installing Kali
Kali is a Linux distribution created for penetration testing. Based on Debian, it
was designed by OffSec. We’ll use Kali as our lab’s operating system because it
comes bundled with some of the libraries, dependencies, and tools we’ll need.
Your Kali machine will play two roles in the lab environment: first, it will act
as the host responsible for running the target networks and machines against which
we’ll run our scripts, and second, it will serve as the hacking machine from
which you’ll perform your attacks.
You can find x64 versions of the Kali virtual machine images for the
VMware Workstation and Oracle VirtualBox hypervisors at
https://www.kali.org/get-kali. Pick the hypervisor of your choice and follow the
official installation instructions at https://www.kali.org/docs/installation to install
it.
After completing the installation process, you should see the Kali login screen
shown in Figure 3-1. Kali ships with a default user account named kali whose
password is kali.
Black Hat Bash (Early Access) © 2023 by Dolev Farhi and Nick Aleks